Cybersecurity

Is EASA a Strategic Partner of IATA?

Hi. I noticed that the EASA research agenda 2022-2024 includes a research topic called 'Aviation Cybersecurity Grand Challenge' (SEC-08), which also was in last year's agenda. What opportunities are there for white hat hackers to participate in this research and how can they get involved?

On the occasion of the Cybersecurity Workshop of the ICAO/LACAC NAM/CAR and SAM Aviation Security and Facilitation Regional Group (AVSEC FAL) kindly hosted by ANAC Brazil on 21 November 2022 in Iguazu, Brazil, EASA was invited to deliver a keynote presentation.

The EASA delegation was led by Mr Luc Tytgat, Strategy and Safety Management Director, and included staff from the International Cooperation - America & Africa Section, EASA Representative in Panama, as well as the Cybersecurity in Aviation & Emerging Risks Section.

The workshop opened with welcoming speeches from high level representatives of Latin American Civil Aviation Commission (LACAC), EASA (Mr Tytgat), ICAO South American Regional Office (SAM), ICAO North American, Central American and Caribbean Office (NACC) and Civil Aviation Authority of Brazil (ANAC). All the speakers agreed on the importance of the cybersecurity topic, and the need to tackle the cybersecurity threats.

Mr Tytgat stressed the importance of cooperation between ICAO and EASA in the areas of safety and security, the role of EASA vis-à-vis cybersecurity in Europe, and introduced the upcoming presentation on “EU Strategic Coordination Platform (ESCP), the added value of regional cooperation and other EASA Cybersecurity tools” by Mr Davide Martini, Senior Expert on Cybersecurity in Aviation.

A total of approximately 100 participants from the LAC region attended the event, which gave EASA an important opportunity to disseminate EU experience in the region.

Taking the opportunity of the AVSEC FAL workshop and the presence of DGs and Regional Directors, EASA delegation is in Iguazu for the kick-off of the new EU LAC Aviation Partnership Project (APP) funded by the EU and implemented by EASA. The First Project Management Board Meeting will be held on 22 Nov 2022: https://eu-lac-app.eu/project-activities/eu-lac-aviation-partnership-pr…

#EASA SAFE 360 Conference concludes today. Wellbeing, aviation careers, Data4Safety, risk management, cybersecurity, drones and plenty more subjects were discussed during the conference which aims at looking at aviation from a 360 degree perspective.
https://t.co/73w41Zobxl
pic.twitter.com/BYG9ZHa1WA

— EASA (@EASA) September 15, 2022

I will finalize my Security Risk & Analysis Certification from Pennsylvania State University in Jan 2023 and seek an opportunity to support an organization as a volunteer in Risk and Analysis with an emphasis on aircraft component technology and software security risk and litigation. Thank you for any advice and direction in regards to this post.

Please be awaree of the MedusaLocker
https://www.cisa.gov/uscert/ncas/alerts/aa22-181a

How to achieve an aviation system resilient against cyberattacks? EASA experts Aviation Cybersecurity Workshop, Singapore, exchange on an international approach to increase resilience, safety and security of aviation. A coordinated and international effort is required. pic.twitter.com/Rp0u3h4j9D

Dear Colleagues,
are you aware of any guidance from EASA about the development of an Aircraft Network Security Program (ANSP) or Aircraft Information Security Program (AISP)? I'm aware of material from the FAA (AC119-1) and CAAS (AC 121-7-2). Thank you in advance!

Any of you planning to be at the Eurocae training next week?
https://www.eurocae.net/training/aircraft-cyber-security-development-an…

Dear colleagues,

do we have any news about Opinion 3/2021 and the status of the decision, AMCs &GMs?

Thx